package com.itqf.controller;

import com.itqf.utils.R;
import org.apache.shiro.authz.annotation.Logical;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

/**
 * @Description:
 * @Company: 千锋互联
 * @Author: 李丽婷
 * @Date: 2021/1/28
 * @Time: 上午11:37
 */
@Controller
@RequestMapping("/user")
public class UserController {

    //必须具有该权限才能访问
    //默认逻辑连接符号 and  Logical logical() default Logical.AND; 并且，都得具有
    //Logical.OR  或者，只需要其中一个就能访问
    @RequiresPermissions(value = {"sys:user:find","sys:user:add"},logical = Logical.AND)
    @RequestMapping("/test")
    @ResponseBody
    public R test(){
        System.out.println("/user/**");

        return  R.ok("能访问");
    }


    /**
     * HTTP Status 500 - Request processing failed; nested exception is org.apache.shiro.authz.UnauthorizedException:
     * Subject does not have role [管理员]
     * @return
     */
   // @RequiresPermissions(value = {"sys:user:find","sys:user:add"},logical = Logical.AND)
    @RequiresRoles("管理员") //具有管理员角色才能访问
    //    Logical logical() default Logical.AND;
    @RequestMapping("/test1")
    @ResponseBody
    public R test1(){
        System.out.println("/user/**");

        return  R.ok("能访问");
    }



}
